Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/jPNbnexMphQ1cHiJTq62SpaIwh4.roa
File: jPNbnexMphQ1cHiJTq62SpaIwh4.roa (raw, json)
Hash identifier: MKUqM6l4qPYTwE+2HLpBBZS8IPYRWooRs4XuqevujUI=
Subject key identifier: 8C:F3:5B:9D:EC:4C:A6:14:35:70:78:89:4E:AE:B6:4A:96:88:C2:1E
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 01933419DC7CD05FF040E0414B9DA9DDCC64
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/jPNbnexMphQ1cHiJTq62SpaIwh4.roa
Signing time: Sat 16 Nov 2024 08:32:10 +0000
ROA not before: Sat 16 Nov 2024 08:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a0d:8b40::/29 maxlen: 29
2a0d:9440::/29 maxlen: 29
2a11:4080::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:34:19:dc:7c:d0:5f:f0:40:e0:41:4b:9d:a9:dd:cc:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Nov 16 08:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cf35b9dec4ca614357078894eaeb64a9688c21e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:37:ed:79:8b:7b:1d:c2:49:45:81:3c:77:57:
fe:90:d4:2d:81:ad:08:30:64:8d:62:83:ba:32:5f:
da:10:8c:97:60:29:af:bf:4f:98:9c:19:15:d2:91:
77:51:94:8e:27:e4:bd:ec:3e:71:b3:60:c5:83:4a:
c1:4e:9b:5f:2e:e7:e1:30:e5:8d:22:ad:18:bb:c2:
58:5b:8e:fa:05:b0:64:94:b6:d5:c5:0a:22:cb:07:
bd:f2:37:d7:51:62:85:d9:24:be:57:60:ab:2d:d3:
95:a3:1c:15:40:63:11:c1:a4:8c:1f:c5:59:07:ed:
a4:4b:ce:63:46:cc:f3:1c:60:1d:ef:ff:45:4b:d2:
49:28:b9:eb:28:67:b3:23:55:e3:c3:7a:4c:ef:60:
23:a3:9a:35:47:52:31:80:bb:91:b3:99:8b:24:5e:
ff:ed:26:68:c4:08:72:39:d4:59:aa:74:15:dd:a9:
45:14:cf:33:f6:12:d9:b7:53:4e:27:33:83:ba:79:
8c:9e:c2:11:ed:74:56:97:74:7f:67:9d:92:f1:f9:
76:2a:e3:01:ce:bd:29:ad:36:34:49:b9:5c:b7:88:
b5:fd:fe:c5:0b:38:5a:32:43:55:f1:ba:1c:6e:34:
3d:4b:95:8c:ed:ae:a0:76:e4:44:29:35:e9:5d:1b:
8f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F3:5B:9D:EC:4C:A6:14:35:70:78:89:4E:AE:B6:4A:96:88:C2:1E
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/jPNbnexMphQ1cHiJTq62SpaIwh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8b40::/29
2a0d:9440::/29
2a11:4080::/29
Signature Algorithm: sha256WithRSAEncryption
3b:a0:b1:38:69:f5:bc:29:67:99:f1:74:6e:5c:d2:f8:79:ff:
cc:dd:6e:88:09:6c:ee:3d:82:7c:ed:54:d4:75:da:7a:0d:97:
9c:77:53:2c:3a:2f:92:03:6b:f0:19:52:03:13:90:16:38:7f:
20:f0:ed:a0:42:a1:c8:96:ea:21:c4:07:55:d0:9b:2b:0e:2c:
c0:6b:f0:4a:5b:77:77:a1:69:b2:4a:b4:17:6e:75:d6:db:38:
4b:b6:58:9a:6e:05:5a:f1:1b:d7:3d:1c:6d:17:91:5e:29:3c:
cf:fd:6d:84:8b:2a:ef:6b:9e:23:db:c1:1a:49:c9:bc:86:f3:
1d:ed:73:57:23:a7:e2:8b:1c:35:85:18:ac:4f:6c:75:a5:92:
87:fd:a6:13:e6:d9:14:01:cd:f7:83:f7:cc:b8:e2:82:3f:70:
38:4f:6e:2e:26:8b:4b:34:70:88:6b:c7:41:56:16:c6:a6:2e:
7f:60:8f:03:95:2e:43:bc:7c:ca:6f:fa:05:57:5a:d5:92:9d:
7d:3e:53:58:8e:f2:03:99:d7:1a:90:ea:3f:c3:15:55:b9:46:
d9:99:fe:08:01:ab:9c:4f:98:ec:23:95:e8:5c:c0:ef:bb:bd:
60:9b:87:07:1e:d5:ca:f5:47:4c:2d:89:43:27:93:19:97:d6:
d9:e3:d8:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZM0Gdx80F/wQOBBS52p3cxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQxMTE2MDgzMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2YzNWI5ZGVjNGNhNjE0MzU3MDc4ODk0ZWFlYjY0YTk2ODhjMjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6zfteYt7HcJJRYE8d1f+kNQtga0I
MGSNYoO6Ml/aEIyXYCmvv0+YnBkV0pF3UZSOJ+S97D5xs2DFg0rBTptfLufhMOWN
Iq0Yu8JYW476BbBklLbVxQoiywe98jfXUWKF2SS+V2CrLdOVoxwVQGMRwaSMH8VZ
B+2kS85jRszzHGAd7/9FS9JJKLnrKGezI1Xjw3pM72Ajo5o1R1IxgLuRs5mLJF7/
7SZoxAhyOdRZqnQV3alFFM8z9hLZt1NOJzODunmMnsIR7XRWl3R/Z52S8fl2KuMB
zr0prTY0Sblct4i1/f7FCzhaMkNV8bocbjQ9S5WM7a6gduREKTXpXRuP3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIzzW53sTKYUNXB4iU6utkqWiMIeMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvalBOYm5leE1waFExY0hpSlRxNjJTcGFJd2g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg2LQAMF
AyoNlEADBQMqEUCAMA0GCSqGSIb3DQEBCwUAA4IBAQA7oLE4afW8KWeZ8XRuXNL4
ef/M3W6ICWzuPYJ87VTUddp6DZecd1MsOi+SA2vwGVIDE5AWOH8g8O2gQqHIluoh
xAdV0JsrDizAa/BKW3d3oWmySrQXbnXW2zhLtliabgVa8RvXPRxtF5FeKTzP/W2E
iyrva54j28EaScm8hvMd7XNXI6fiixw1hRisT2x1pZKH/aYT5tkUAc33g/fMuOKC
P3A4T24uJotLNHCIa8dBVhbGpi5/YI8DlS5DvHzKb/oFV1rVkp19PlNYjvIDmdca
kOo/wxVVuUbZmf4IAaucT5jsI5XoXMDvu71gm4cHHtXK9UdMLYlDJ5MZl9bZ49h/
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:15 2025 by rpki-client